Bug 8199: inject ssh public key into systemvm iso file

Chiradeep Vittal · Chiradeep Vittal · commit 09145efc41b6 · 2011-01-28T12:24:18.000-08:00
diff --git a/cloud.spec b/cloud.spec
@@ -156,6 +156,7 @@ Requires: sudo
 Requires: /sbin/service
 Requires: /sbin/chkconfig
 Requires: /usr/bin/ssh-keygen
+Requires: /usr/bin/mkisofs
 Requires: MySQL-python
 Requires: python-paramiko
 Requires: augeas >= 0.7.1
diff --git a/scripts/vm/systemvm/injectkeys.sh b/scripts/vm/systemvm/injectkeys.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+# $1 = new key
+
+#set -x
+
+TMP=/tmp
+SYSTEMVM_PATCH_DIR=../../../vms/
+MOUNTPATH=/mnt/cloud/systemvm
+TMPDIR=${TMP}/cloud/systemvm
+
+
+inject() {
+  local isofile=${SYSTEMVM_PATCH_DIR}/$1
+  local newpubkey=$2
+  local backup=${isofile}.bak
+  local tmpiso=${TMP}/$1
+  rm -rf $TMPDIR
+  mkdir -p $TMPDIR
+  [ ! -d $TMPDIR  ] && echo "$(basename $0): Could not find/create temporary dir $TMPDIR" && return 1
+  [ ! -f $isofile ] && echo "$(basename $0): Could not find systemvm iso patch file $isofile" && return 1
+  cp -b $isofile $backup
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to backup original iso $isofile" && return 1
+  mount -o loop $isofile $MOUNTPATH 
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to mount original iso $isofile" && return 1
+  cp -fr $MOUNTPATH/* $TMPDIR/
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to copy from original iso $isofile" && return 1
+  cp $newpubkey $TMPDIR/authorized_keys
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to copy key $newpubkey from original iso to new iso " && return 1
+  mkisofs -quiet -r -o $tmpiso $TMPDIR
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to create new iso $tmpiso from $TMPDIR" && return 1
+  umount $MOUNTPATH
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to unmount old iso from $MOUNTPATH" && return 1
+  cp -f $tmpiso $isofile
+  [ $? -ne 0 ] && echo "$(basename $0): Failed to overwrite old iso $isofile with $tmpiso" && return 1
+  rm -rf $TMPDIR
+}
+
+mkdir -p $MOUNTPATH
+
+[ $# -ne 1 ] && echo "Usage: $(basename $0)  <new keyfile>" && exit 3
+newpubkey=$1
+[ ! -f $newpubkey ] && echo "$(basename $0): Could not open $newpubkey" && exit 3
+[ $EUID -ne 0 ] && echo  "$(basename $0): You have to be root to run this script" && exit 3
+
+command -v mkisofs > /dev/null   || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4)
+
+inject systemvm.iso $newpubkey
+#inject systemvm-premium.iso $newpubkey
+
+exit $?
diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java
@@ -41,6 +41,7 @@
 import org.apache.commons.codec.binary.Base64;
 import org.apache.log4j.Logger;
 
+import com.cloud.agent.api.routing.NetworkElementCommand;
 import com.cloud.configuration.Config;
 import com.cloud.configuration.ConfigurationVO;
 import com.cloud.configuration.dao.ConfigurationDao;
@@ -84,6 +85,7 @@
 import com.cloud.utils.component.ComponentLocator;
 import com.cloud.utils.db.DB;
 import com.cloud.utils.db.Transaction;
+import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.net.NetUtils;
 import com.cloud.utils.script.Script;
 
@@ -248,54 +250,8 @@ public void persistDefaultValues() throws InvalidParameterValueException, Intern
 		_configDao.update("init", "true");
 	}
 
-	/*
-	private String getManagementNetworkCIDR() {
-		String[] gatewayAndNetmask = getGatewayAndNetmask();
-		
-		if (gatewayAndNetmask == null) {
-			return null;
-		} else {
-			String gateway = gatewayAndNetmask[0];
-			String netmask = gatewayAndNetmask[1];
-			
-			String subnet = NetUtils.getSubNet(gateway, netmask);
-			long cidrSize = NetUtils.getCidrSize(netmask);
-			
-			return subnet + "/" + cidrSize;
-		}
-	}
-	*/
 
-	private String[] getGatewayAndNetmask() {
-		String defaultRoute = Script.runSimpleBashScript("/sbin/ip route | grep default");
-		
-		if (defaultRoute == null) {
-			return null;
-		}
-		
-		String[] defaultRouteList = defaultRoute.split("\\s+");
-		
-		if (defaultRouteList.length < 5) {
-			return null;
-		}
-		
-		String gateway = defaultRouteList[2];
-		String ethDevice = defaultRouteList[4];
-		String netmask = null;
-		
-		if (ethDevice != null) {
-			netmask = Script.runSimpleBashScript("/sbin/ifconfig " + ethDevice + " | grep Mask | awk '{print $4}' | cut -d':' -f2");
-		}
-			
-		if (gateway == null || netmask == null) {
-			return null;
-		} else if (!NetUtils.isValidIp(gateway) || !NetUtils.isValidNetmask(netmask)) {
-			return null;
-		} else {
-			return new String[] {gateway, netmask};
-		}
-	}
-	
+
 	private String getEthDevice() {
 		String defaultRoute = Script.runSimpleBashScript("/sbin/route | grep default");
 		
@@ -334,19 +290,7 @@ private String getEnvironmentProperty(String name) {
 		}
 	}
 	
-	private String getDNS() {
-		String dnsLine = Script.runSimpleBashScript("grep nameserver /etc/resolv.conf");
-		if (dnsLine == null) {
-			return null;
-		} else {
-			String[] dnsLineArray = dnsLine.split(" ");
-			if (dnsLineArray.length != 2) {
-				return null;
-			} else {
-				return dnsLineArray[1];
-			}
-		}
-	}
+	
 	
 	@DB
 	protected String getHost() {
@@ -511,6 +455,29 @@ protected void updateKeyPairs() {
                 s_logger.error("SQL of the public key failed",ex);
                 throw new RuntimeException("SQL of the public key failed");
             }
+            injectSshKeyIntoSystemVmIsoPatch(pubkeyfile.getAbsolutePath());
+            if (s_logger.isDebugEnabled()) {
+                s_logger.debug("Public key inserted into systemvm iso");
+            }
+        } else {
+            s_logger.info("Keypairs already in database");
+        }
+    }
+    
+
+    protected void injectSshKeyIntoSystemVmIsoPatch(String publicKeyPath) {
+        String injectScript = "scripts/vm/systemvm/injectkeys.sh";    
+        String scriptPath = Script.findScript("" , injectScript);
+        if ( scriptPath == null ) {
+            throw new CloudRuntimeException("Unable to find key inject script " + injectScript);
+        }
+        final Script command  = new Script(scriptPath,  s_logger);
+        command.add(publicKeyPath);
+       
+        final String result = command.execute();
+        if (result != null) {
+            s_logger.warn("Failed to inject generated public key into systemvm iso " + result);
+            throw new CloudRuntimeException("Failed to inject generated public key into systemvm iso " + result);
         }
     }
 
